JSPM

@pearl-framework/auth

0.1.1
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 13
  • Score
    100M100P100Q42689F

Pearl.js auth — JWT, session, and API token authentication guards

Package Exports

  • @pearl-framework/auth

Readme

@pearl-framework/auth

JWT and API token authentication guards for Pearl.js

Installation

pnpm add @pearl-framework/auth @pearl-framework/http jsonwebtoken bcryptjs

Usage

Implement AuthUser

import type { AuthUser } from '@pearl-framework/auth'

export class User implements AuthUser {
  constructor(
    public id: number,
    public email: string,
    public passwordHash: string,
  ) {}

  getAuthIdentifier() { return this.id }
  getAuthPassword()   { return this.passwordHash }
}

Implement UserProvider

import type { UserProvider } from '@pearl-framework/auth'
import { Hash } from '@pearl-framework/auth'

export class DrizzleUserProvider implements UserProvider<User> {
  async findById(id: number | string) {
    return User.find(db, id) as Promise<User | null>
  }

  async findByCredentials(email: string, password: string) {
    const [row] = await db.select().from(users).where(eq(users.email, email))
    if (!row) return null
    const valid = await Hash.check(password, row.passwordHash)
    return valid ? new User(row.id, row.email, row.passwordHash) : null
  }
}

JWT guard

const guard = new JwtGuard(new DrizzleUserProvider(), {
  secret: process.env.JWT_SECRET!,
  expiresIn: '7d',
})

// Login
const token = await guard.attempt(email, password)

// Protect routes
router.post('/auth/login', loginHandler)
router.get('/me', meHandler, [Authenticate(authManager)])

Hash passwords

import { Hash } from '@pearl-framework/auth'

const hash  = await Hash.make(password)
const valid = await Hash.check(password, hash)